Staff

Hello! Correct, the previous problem is solved and now this is a new one. Try to resolve it simply by logging your account out (from Eddie's main window), then login back and try a connection. Kind regards

Hello! The translocation has been successfully avoided. Now, to resolve the problem, please open a terminal and enter the following command while Eddie is not running: sudo chown root /Applications/Eddie.app/Contents/MacOS/* Important, if you get a "permission denied" error after you entered the above command please grant Full Disk Access to the Terminal App. You can do it by selecting System Preferences > Security and Privacy > Privacy > Full Disk Access and then adding the Terminal app by pressing the "+" button and selecting it. Then open another terminal and repeat the above command Finally re-start Eddie and test again. Kind regards

Hello! First, please avoid translocation (Gatekeeper Path Randomization, GRP) by copying the app in the Applications folder or in any other proper place you like, exclusively through Folder utility. Then run again the app and please send us the complete log again if the problem persists, or even better please send us a system report generated by Eddie. Kind regards

Hello! Yes, attempts to show that "objective morality" exist are around since the time of Plato (at least) but they have never succeeded. Securing the possibility of objective knowledge in morality has been the dream of several Giants of Philosophy throughout human history, but nobody so far succeeded. Nowadays scientific analysis tend to show the contrary, i.e. that there's no such thing as an objective morality. Then, even if objective morality existed, comes the huge problem to define it and to interpret the definition. Your definition for example is not universally accepted, therefore there are serious doubts that this "objectivity" exists indeed. And even by accepting your definition many actions remain moral for some people and immoral for other people, according to the interpretation of your definition (we will not insult your intelligence to make trivial examples). Anyway, all of your considerations don't change the observation that your statement according to which privacy would be "a form of luxury" for financially wealthy people is false, perhaps even according to your own definition of morality! This can be an honorable and moral behavior indeed, but we don't see how this personal choice should support the idea that privacy is the luxury of wealthy people. Kind regards

Hello! We will consult with Eddie's developer but at a first glance it's (perhaps) because the "Allow local" option acts on the Network Lock rules only, while by adding addresses you also force Eddie to modify the routing table. This is necessary with WireGuard as its userland utilities (necessary because there is no WireGuard library or kernel module in macOS) are launched by Eddie through a profile that makes all the IP address space 0.0.0.0/0 fall into the VPN tunnel. Kind regards

Hello! To discern whether your problems are GlueTun related or not, and qBittorrent related or not, please connect directly the host and test again. Also test, with and without GlueTun, performance with different protocols (not torrent). Kind regards

Privacy is a fundamental human right enshrined in any charter of fundamental rights, including the United Nations Universal Declaration of Human Rights and the Charter of Fundamental Rights of the European Union, and a series of amendments in the US constitution (including but not limited to the 4th Amendment). The right to privacy has been equated to the right to life (for example by the India Supreme Court) and privacy (in the form of anonymity) has been recognized as an essential requisite to freedom of expression, according to a landmark & paramount decision of the US Supreme Court in 1994. It is exactly the opposite in many documented cases. The right to privacy is often perceived as a privilege for the wealthy but it is actually more crucial for financially poor individuals, as you can easily verify through the sources and reports by the UN and by many human rights advocate organizations. As far as it pertains to additional protection of privacy on the Internet through more effective data protection and a layer of anonymity, we contribute also by aiding, technically or financially, networks that are free for everyone, such as Tor, making privacy protection enhancement (small or big) affordable for more persons. While privacy is very precisely defined universally (and coded in law as one of the most important human rights in many countries), morality poses problems even with its definition. Codes of conduct endorsed by a society or a group (such as a religion), or accepted by an individual for her own behavior, are multiple, and many of them are mutually incompatible. Large groups of people endorse a "supreme, universal" morality that's totally refused by other groups. Some groups define "morality" as something that it's not even defined as "morality" by another group. Some groups claim that "morality" is something defined by some external, powerful entity, given to us through revelation and the interpretation of this revelation by selected persons, while other groups do not even agree about the existence of such external entity. That's why many of the most famous "educators" you mention, in the course of history have been incensed as heroes of their times by some groups, while other groups have defined them, at the same time or later in history, as bloodthirsty monsters, crazy lunatics or anyway people against morality. Even your invitation to avoid a perfectly legal action in all Western countries shows that your "morality" is incompatible with the "morality" of many other individuals and groups. Kind regards

Hello! With Eddie Android & Desktop edition, and with the AirVPN Suite, you can define a white list of a single VPN server. When a white list is defined, the software will consider only servers inside that list. With a third party software, you can generate a configuration file for a single server from the Configuration Generator. Kind regards

Hello! Please check this and let us know: https://airvpn.org/forums/topic/68044-using-windows-10-home-eddie-is-invisible/?do=findComment&comment=245874 Kind regards

Hello! You can consider taking advantage of AirVPN DDNS (it is included in every plan) or lock the connection always to the same VPN server (not a good solution if that server goes down). Please see here: https://airvpn.org/faq/ddns/ Kind regards

Hello! Eddie GUI is built for Intel architecture because it is written in C#, thus runs in the Mono framework that is not available for ARM / Apple Silicon. Eddie backend is entirely written in C++ and when you download the package for ARM you get an Eddie backend built and optimized for ARM 64 bit. Eddie CLI is built for ARM 64 bit as well. Kind regards

Hello! Please try to set WireGuard interface MTU to 1280 bytes. GlueTun's default is 1400 bytes which could be too large for your network. A too large MTU will cause major performance hit or even disconnections.. MTU size can be set through the WIREGUARD_MTU environment variable. "You can bind mount an ini Wireguard configuration file to /gluetun/wireguard/wg0.conf. " https://github.com/qdm12/gluetun-wiki/blob/main/setup/options/wireguard.md Another performance improvement can be obtained by configuring correctly the container in order to allow the torrent software to receive the incoming packets. Note that in your compose file you did not map the proper port in the ports: section and you did not define properly the FIREWALL_VPN_INPUT_PORTS environment variable, which should be set according to the port you remotely forwarded on your AirVPN account port panel. EDIT: after a few minutes we published this message we noticed that your torrent software became reachable, so the above setting modifications are probably unnecessary. Kind regards

@partypat Hello! Can you please upgrade to AirVPN Suite 2.0.0 beta 4 and check whether the problem gets resolved or not? https://airvpn.org/forums/topic/66706-linux-airvpn-suite-200-preview-available/ Kind regards

Hello! Can you please check whether Eddie starts minimized and its tray icon is somewhere in the system tray? Please make sure you can see hidden icons too by clicking the "up" arrow on the system tray. Eddie may start minimized if it configured to do so. Its tray icon is a tiny cloud in a circle. By double-clicking it, Eddie main window should pop-up. You can tell Eddie not to start minimized by unchecking "Start minimized" in "Preferences" > "General" window. Kind regards

Hello! From your description you're just fine and there are no leaks. The suspicious connection stats are updated only every other minute or so, therefore they are not decisive. Just to stay on the safe side even more, you can consider to force Docker containers' traffic through the Gluetun container's network thus preventing any possible traffic leak outside the VPN tunnel: https://tcpip.wtf/en/force-docker-containers-vpn-gluetun.htm Kind regards

@misamarumaru Hello! Your setup is not infrequent to achieve "double hop" and increase the anonymity layer robustness in case one of the VPN servers is secretly or even illegally wiretapped and another one is not. The price to pay, as you noticed, is a performance hit. This setup is not "optimal" for the mentioned purpose because all the hops belong to the same entity. When a much more robust privacy or anonymity layer is needed, and one is fine with a remarkable performance decrease, a more effective multi-hopping is with the Tor network, even without previous double hop. Kind regards

Hello! Please see here for an explanation and a solution. https://airvpn.org/forums/topic/67862-random-connections-to-different-cities-with-a-specific-city-vpn/?do=findComment&comment=245613 Please make sure you read GlueTun's documentation, including the part related to AirVPN integration: https://github.com/qdm12/gluetun-wiki/blob/main/setup/providers/airvpn.md Kind regards

Hello! Eddie should allow the execution of binaries when they are not owned by root, only if they pass the checksum verification. If they don't, only files owned by root will be run with root privileges. The files packaged with Eddie should pass the checksum verification. Why it does not happen is a matter of an ongoing investigation by the developers. With that said, the system refusal to change ownership even to the superuser is probably caused by a terminal that's not allowed to have full disk access, according to System Integrity Protection. You should grant Terminal program full disk access in the following way: Make sure that Terminal is not running. Open System Preferences > Security & Privacy from the Apple menu.. Click the padlock icon at one corner of the window and enter your administrator password to make changes. Go to the Privacy tab. Click the [+] button at the bottom of the list on the right. Navigate to Terminal program location in the Applications folder ([...]/Applications/Utilities/Terminal). Add Terminal to the list and make sure that its checkbox is ticked. Then, open the terminal and try again to change ownership of the relevant files sudo chown root <full path and name of the file> You will need to change ownership of both wg and wireguard-go files. Kind regards

Hello! Since the firewall is enabled the FIREWALL_VPN_INPUT_PORTS environment variable must be set to the proper ports (in case of multiple ports, separate their values with a comma ",") in any Docker container where appropriate. The firewall blocks any unsolicited incoming packet to any port whose value is not contained in the mentioned variable. We meant to test without any container, without any virtual environment. The initial post clearly states that the tests "were all run with the containers open, restarted, ports tested at every turn, active listening for connections", so we assumed that they were run in some Docker container. Sorry for having assumed specifically GlueTun, anyway the suggestion remains valid (FIREWALL_VPN_INPUT_PORTS is a Docker environment variable). According to your needs any virtualization seems unnecessary indeed. Kind regards

@Y7h-2dfrgrtAA-3 Hello! Thank you very much for the head up. A cable related problem, not detected by Quintex monitoring system, has been expeditiously solved and the machines are alive and kicking now. Kind regards

Hello! OK. However you need to set the rules after (and every time) Eddie has enforced the Network Lock, because previous rules will be overwritten each time Eddie enables Network Lock. You also need to bind the listening software to the physical network interface. Maybe a more practical solution is running AirVPN Suite 2.0.0 beta version and run the listening software outside the VPN tunnel. For this purpose just enable Bluetit's traffic splitting, connect via Bluetit, and finally run the listening software through cuckoo (an utility included in the Suite). You can keep using Network Lock even with this setup: Network Lock will prevent leaks from anything except the program(s) whose traffic must go outside the VPN tunnel. https://airvpn.org/forums/topic/66706-linux-airvpn-suite-200-preview-available/ In this way the listening software remains reachable from outside the VPN tunnel as long as Bluetit is not shut down and port forwarding on the router is properly set. Kind regards

@Loadstone Hello! What is the value of the FIREWALL_VPN_INPUT_PORTS GlueTun environment variable? Does the problem persist or disappear if you operate directly on your host, without virtual environments? Kind regards

Hello! (Solved by disabling the route and DNS check). Kind regards

Hello! You need to generate, download and use new profiles when you renew, revoke or create client keys in the "Devices" panel, or trivially when you want a new connection mode or destination. In any other case, including remote port forwarding and DNS block list modifications, you do not need to generate new profiles Kind regards

Hello! For the readers' comfort, we paste here the solution, that you confirmed as working, suggested by the support team on your ticket Kind regards ===== Hello and thank you for your choice! Thank you for your great feedback. GlueTun supports AirVPN and bypasses the endpoint specified in the WireGuard profile, hence the problem you experience occurs. Therefore, you should make use of its environment variables to make sure that it connects always to the same server: SERVER_NAMES: Comma separated list of server names Example: SERVER_NAMES=Angetenar or always to the same city (but potentially to different servers if that city offers multiple servers): SERVER_CITIES: Comma separated list of cities Example: SERVER_CITIES=Toronto You can add the above in the compose file. Please check the documentation here: https://github.com/qdm12/gluetun-wiki/blob/main/setup/providers/airvpn.md Kind regards AirVPN Support Team